I love Timehop. They rolled out some promising changes yesterday, along with some things that I thought were problematic: assuming that Facebook connections could automatically see objects from other services, not giving me a heads up about socializing my data when I thought the transaction was personal, and defaulting to posting my personal annotations.
I like them so much I did a blog post about it, and I'd like to hear your thoughts.

I love Timehop. They rolled out some promising changes yesterday, along with some things that I thought were problematic: assuming that Facebook connections could automatically see objects from other services, not giving me a heads up about socializing my data when I thought the transaction was personal, and defaulting to posting my personal annotations.

I like them so much I did a blog post about it, and I'd like to hear your thoughts.

I'm still waiting to hear back from them regarding permissions.Definitely a fan of the service as I knew it.Doing my best to reserve judgement until I can get some clarity on what's being shared and how best to control it.That said, I de-authorized my FourSquare and my SMS messages yesterday.

SMS is locked.You have to go in and actively unlock it and publish it.I think they did SMS good.I asked Jonathan a few weeks ago if he would observe at least the permissions on groups you give when you authorize facebook (you can say which groups you allow to see your content) and he said they were working on it/thinking about it.Something will be done.It's a beta now and this is exactly the stuff they want to work out.Hopefully jonathan will chime in, and if he doesn't, I'll go grab him and make him.;)

Hey guys, thanks so much for writing that post and starting this branch -- it's awesome to hear that our users care so much!To be clear: your SMS messages, off-the-grid checkins and locked twitter/instagram accounts are (still) secure and private.We're still working on getting privacy right.We're trying to strike a balance between discovery (letting you find the interesting and momentous occasions in your friends lives) and privacy.

We haven't rolled out the new version to everyone yet, just a few of our earliest users because honestly our team doesn't feel like it's quite "production ready" yet.But we wanted to start seeing how people like it and test some assumptions -- and to start conversations like this one!

To continue on my rant a bit, digital history privacy is a funny thing-- not just across different networks, but across time (older content feels more private).In my mind, the reason foursquare has a friend graph versus being 100% public is because a lot of people still aren't comfortable with the idea of broadcasting a beacon of their current location to everyone.Who knows what crazy person might show up...live location data and tracking is sensitive data!But we felt that "outdated" year-old location data should have none of those same security issues and therefore fewer privacy concerns.But what we're hearing from users so far is that we need to re-evaluate that assumption.

Jonathan: thanks for chiming in and sharing some of these assumptions.There are probably numerous reasons why people choose privacy options, security, surely is one of them.But I think you'd have to strictly reproduce privacy settings on data you import, build a case with the user of the value of changing that setting in the new context, and keep them firmly in control and easily aware of who can see what. Unilateral decisions (a la Facebook) confuse & frustrate people and erode trust.

Regardless of why someone chose something to be private a year ago, it's shocking if not a breach to reverse that choice.

I have access to the beta and am a bit confused on the goal.I love the idea of seeing moments more than a year ago.It's why I love Jolicloud.I guess what would be most interesting is seeing people who shared the moments with me - their perspectives, rather than random moments from people I know.In that way, meaningful events in the past can be given a 360 view.

It's an interesting problem.Let's assume, for a moment, that we all want it.I like it, some people will like it.What's a good default set of privacy settings?Seems to me the UX of reconciling 4-5 different social networks friend graphs and permissions is hopelessly daunting for any one.I wouldn't do it.So what would be easy, but safe?By-network inclusion?Like "foursquare, okay show all, facebook, don't show status updates, twitter, show all, instagram, show all...go!"?

I'd start only with what the user had previously granted. Then, in situ, show them the value of extending those permissions. I remember thinking Pownce did a good job of on-the-fly privacy cues.It's not the typical set-the-defaults-without-really-reading-anything-and-go, because who is going to get what you're implying? I would model the interaction, communicate the value, and make it clear I'm asking the user to change something they had set elsewhere.And why. And how they can undo it if they don' t like the result.

I don't think that would work, owing to the points above.Lets walk through it: 1) I have a friend, bob, on Foursquare and facebook.2) Bob's on facebook, foursquare and timehop.3) I only friended Bob on Foursquare 6 months ago.What do I do?What do I do if I unfriended Bob on facebook six months ago?Can we even know those things?Times three, four networks?Even if I perfectly replicated who was friends at the time, I'd possibly upset someone who forgot what their friend graph looked like a year ago.Even if I replicated the way it is now, but not then, it's weird and kinda made up.What if I hated him a year ago and made a weird comment then, but now we're friends, and I just assumed it was following old defaults?It's too complex.

I think the only options are to either force the user to set permissions by networks, as described above, or to do something around approving friends who can follow you.Like accepting friends or explicitly, clearly stating that those who you follow can now follow you.Something like that.

Here's another order of complexity: flickr has an extra set of filters per object. Everyone/friends/family. So then I have *per object* permissions to factor in as well.

Following up on Laura's point: the use case here seems to be around people you shared an experience with. That's an organic behavior I've done myself -- forwarded my Timehop emails with a little note: remember this? So, could we take a cue from Path and 1) severely delimit who gets to see this archive and 2) get visual cues for who is looking at particular items, thus prompting you to shape permissions as each object goes through the system.

Sorry to take this of course for a second, but WOW!Great new functionality!Finally those daily posts of quantified self can be viewed meaningfully.I am also seeing how I've moved from one service to another over the years.For my purposes, I feel that there is no categorical way to take any historic information and socialize it in a new way.So here is my stab at categorizing my feed.TO BE CONTINUED...

Quantified Self Posts:Every once in a while I'll start a daily feed of personal analytics.Of course I generally end up wiping the posts or stopping them because they get ANNOYING.This may include from the most to least sensitive: purchases (formerly Blippy), health information (weight, blood pressure, exercise logging, heart rate, body composition, dietary logging, sleep logging, or mood), goals tracking (hashtag delimited), location (check-ins #WhereIsTungLy), and professional accomplishments.Yes!I want to share my successes, but I can only qualify them in hindsight.No!My failures are embarrassing and could hurt other people.Some of there posts are by specific service.Some are shared with a delimiter.How to share specific sets?

Bitching Posts:Sometimes people, corporations (not the same as people), institutions, nature, or situations piss me off!Yes!I is valuable to show failures and how we've progressed.No!I probably don't still feel the same way and would rather not bring it up again.These posts are everywhere.They happen any time, although many end the day.They happen on any service.They are blurted and there is no delimiter I would use to restrain them.How do I catch these without having to check everyday?

I spent some time yesterday trying to track down the Privacy settings and realized that my issue was even more confusing than I started out.I was still on 1.0 but receiving notifications that people were following me.I'd received no messaging prior to this, and had no idea what of my past historical data was being displayed to followers.Searching for privacy settings was fruitless as I had not yet upgraded to 2.0...hence my confusion.While I think a lot of the turbulence I experienced can be chalked up to the version transition, messaging had a whole lot to do with it.That needs to be addressed, and handled gingerly as the entire community moves to 2.0.